Описание
SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
EPSS
6.4 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
Связанные уязвимости
SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.
Уязвимость программной интеграционной платформы SAP NetWeaver Design Time Repository, позволяющая нарушителю внедрить произвольный HTML-код
EPSS
6.4 Medium
CVSS3
5.4 Medium
CVSS3